I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

Please check the box if you want to proceed.

I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

(IISSCC, get it?), represents a mix of businesses and organizations that vary from government, to academia, to the computing industry and beyond. Right now, this organization offers what is probably the best-known security certification available in today's marketplace. It's called the CISSP, which stands for Certified Information Systems Security Professional.

The CISSP is designed to do for security professionals what other licenses like the CPA do for accountants -- namely, to warrant that they understand the general principles that dictate professional behavior, and that they know how to apply a specific body of knowledge to a well-understood area of technical activity. In theory, CISSPs know how to handle security matters ranging from physical security to security policies to software security. In practice, CISSPs must master a sufficiently large body of knowledge to pass a 250-question exam that covers ten important and specific areas of security:

Access control

Computer operations security

Cryptography

Application program security

Risk management and business continuity planning

Communications security

Computer architecture and systems security

Physical security

Policy, standards and organization

Law, investigations and ethics

The CISSP exam has the reputation of being fairly difficult, lasting for six hours and costing $395. And obtaining a CISSP is not a lifetime achievement, either -- CISSPs must rack up 120 continuing professional education (CPE) credits every three years thereafter to stay certified. Eighty CPEs must come from courses or other activities directly related to computer security topics, while the remaining 40 can come from any educational activities for which CPEs are reported. The idea is to keep up one's skills and knowledge base and to continue learning new topics and technologies. For those who can't meet this requirement, they must pass the CISSP exam every three years to stay certified.

At the end of 1998, ICS-squared reports that there were 1,500 CISSPs worldwide. Although they don't publish any more recent numbers, that number has probably doubled since then. Although this is a small population as most vendor certification programs go, it represents one of the largest bodies of certified security professionals in the world at present.

Given all this heady information, why might you want to consider becoming a CISSP? Right now, according to the International Computer Security Association (ICSA) there are 13 jobs in the U.S. for every security professional. Demand around the world is increasing, and the security area is rife with all kinds of opportunities -- for consulting, for outsourcing and for full-time positions. Many certification experts (including yours truly) expect security certifications to be among the biggest growth areas in IT in this decade. To repeat a time-honored phrase: "There's gold in them thar hills!"

As more and more organizations use their networks for mission critical applications, and more of those networks get hooked up to the Internet, there are boundless opportunities for those who know how to help those organizations practice safe computing. Although it's a serious responsibility to manage somebody's network and computer security, it's also interesting work amidst a constantly changing and highly technical landscape. If you ever dreamt of being a fireman or a cop as a kid, here's a way to exercise some of those do-gooder impulses, and make a good living, all at the same time!

To obtain more information about the CISSP exam you must contact the ICS-squared in writing, by phone, or by e-mail at:

Good luck with your certifications! Stay tuned to my tips for the next few months, as I cover other security certifications that may also be of interest.

About the author Ed Tittel writes books on a variety of computing subjects and teaches Windows security classes for Interop, the Internet Security Conference and Austin Community College. Contact Ed via e-mail at etittel@lanw.com.

Related Book

CISSP all-in-one certification exam guide By Shon HarrisSummary: This resource fully covers all exam objectives -- as developed by the International Information Systems Security Certification Consortium -- and offers essential information on IT security. Each chapter contains practice questions, sidebars with technical discussions, real-world examples and test-taking tips. You'll also get valuable information on current trends in security, disaster recovery and the benefits of obtaining this highly-coveted and advanced security certification.

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy